Generation of random numbers is a well known problem in the data security and cryptographic field for example. Random numbers are used for instance to generate challenges, perform cryptographic operations such as generate initialization vectors (IV), generate session encryption and decryption keys, and other purposes. For purposes of this disclosure, each of these exemplary applications and others such as use of random numbers in Smartcards is generally referred to as a “cryptographic process”. As well known, generating truly random numbers is rather difficult or impossible using computer enabled (software) methods. Most computer operating systems generate numbers referred to as “random” by means of a pseudo-random number generator (PRNG) which may be in hardware or software. Hence these numbers are considered pseudo-random. For purpose of this disclosure, pseudo-random and true random are both generally referred to as “random”. Use of random numbers generated by a computer operating system pseudo-random number generator is quite desirable for use in cryptographic systems since otherwise the cryptographic process must itself generate the random numbers internally, thus duplicating a function already available in the underlying computer operating systems.
However it is known that for an attacker (pirate or hacker) who wishes to attack a cryptographic or other random number-using process, use of such random numbers generated by an operating system or other random number generator can lead to security breaches. There are number of ways for a hacker to perform such attacks. Some of these are referred to as “hooking”, which in computer science is a technique employing so-called hooks to make a chain of procedures an event handler. Thus, after the handled event occurs, control flow follows the chain in specific order. The new hook registers its own address as handler for the event and is expected to call the original handler at some point. Hooking is used by hackers to inject potentially malicious code into an event handler. Some types of hooking employ intercepting library function calls made by a process. One types of hooking used to penetrate the security of cryptographic systems is Import Address Table (IAT) hooking. Tools are published on the Internet which allow to do this, for instance to attack various operating systems. For instance there are well known API (Application Programming Interface) spying utilities for exploring the inter-structure of software applications (programs) and operating systems. Another method is DLL (Dynamic Link Library) hooking or patching. Another method is known as kernel hooking. Another method is modifying the pseudo-random number generator behavior in the operating systems. All of these allow the hacker to generate values from the operating system which appear to be random, but in fact are known or partially known to the hacker. By thus inputting a known “random” value to the cryptographic process, it makes it easier to extract the keys of the cryptographic process or otherwise penetrate its security using a known input-type attack. For instance, clear-cipher attacks consist of recovering an algorithm, keys, or other cryptographic element and analyzing the output for a known input. Thus the availability of hooking in combination with the use of random numbers generated by an operating system leads to a weakness in cryptographic processes.